Bill Toulas reports: Hackers use a massive network of fake and compromised Facebook accounts to send out millions of Messenger phishing messages to target Facebook business accounts with password-stealing malware. The attackers trick the targets into downloading a RAR/ZIP archive containing a downloader for an evasive Python-based stealer that grabs cookies and passwords stored in…
Category: Phishing
Ukraine’s CERT Thwarts APT28’s Cyberattack on Critical Energy Infrastructure
Seen on The Hacker News: The Computer Emergency Response Team of Ukraine (CERT-UA) on Tuesday said it thwarted a cyber attack against an unnamed critical energy infrastructure facility in the country. The intrusion, per the agency, started with a phishing email containing a link to a malicious ZIP archive that activates the infection chain. “Visiting…
Kudos to North Mississippi Health Services for fast detection and disruption of attack
Kudos to the North Mississippi Health Services for rapid detection and interruption of a phishing attack. In a website notice dated September 1, NMHS explains that on July 3, they discovered unauthorized access through an employee’s email account after a phishing email was unintentionally opened. “Our Security Operation Committee (SOC) promptly shut down the system,…
Why is .US Being Used to Phish So Many of Us?
Brian Krebs reports: Domain names ending in “.US” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. This is noteworthy because .US is overseen by the U.S. government, which is frequently the target of phishing domains ending in .US. Also, .US domains are only…
Lawrence schools trying to recover $2.7 million ‘frozen’ by online phishing scheme, officials say
Travis Andersen reports: The Lawrence Public Schools are working to recover $2.7 million in funds that were recently “frozen” when a staffer responded to a phishing email sent by scammers posing as a vendor for the school district, city officials said. Mayor Brian A. DePeña’s office held an emergency meeting Thursday with informational technology specialists…
EvilProxy Cyberattack Flood Targets Execs via Microsoft 365
Elizabeth Montalbano reports: Attackers have unleashed an EvilProxy phishing campaign to target thousands of Microsoft 365 user accounts worldwide, sending a flood of 120,000 phishing emails to more than 100 organizations across the globe in the three-month period between March and June alone. The goal? To take over C-suite and other executive accounts, in order to…